[strongSwan-dev] VICI API for sending decrypt password for RSA private key

Andreas Steffen andreas.steffen at strongswan.org
Wed Jan 6 06:04:58 CET 2016

Hi Harry,

yes your assumption is correct. swanctl decrypts protected private
keys and sends them as plaintext via VICI to the charon daemon.

Best regards


On 06.01.2016 03:59, Harry Chan-Maestas wrote:
> Hi,
> Is this assumption/understanding correct? Going through the swantcl
> code, it seems that the way it deals with encrypted private keys is by
> reading the key, decrypting it, and sending the decrypted version to Charon.
> If this is not the case, would anyone know what is the API to send the
> encrypted RSA private key and the decrypt password to Charon through VICI?
> Thank you in advance,
> Harry

Andreas Steffen                         andreas.steffen at strongswan.org
strongSwan - the Open Source VPN Solution!          www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4275 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20160106/e09e62d2/attachment.bin>

More information about the Dev mailing list